21 matches found
CVE-2020-35727
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseDirs.do file via the title parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2020-35719
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Search/index.jsp file via the added parameter. NOTE: This vulnerability only affects products that are no longer supported by...
CVE-2020-35720
Stored XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to store malicious code in multiple fields first name, last name, and logon name when creating or modifying a user via the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the...
CVE-2020-35204
Reflected XSS in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the PolicyAuthority/Common/FolderControl.jsp file via the unqID parameter. NOTE: This vulnerability only affects products that are no longer support...
Cross site scripting
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the /WebCM/Applications/Search/index.jsp file via the added parameter. NOTE: This vulnerability only affects products that are no longer supported by...
Cross site scripting
Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the BrowseDirs.do file via the title parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2020-35722
CSRF in Web Compliance Manager in Quest Policy Authority 8.1.2.200 allows remote attackers to force user modification/creation via a specially crafted link to the submitUser.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2020-35722
The data shows a concrete CSRF vulnerability in Quest Policy Authority 8.1.2.200, affecting the Web Compliance Manager component (submitUser.jsp) and enabling remote modification/creation of user accounts. Root cause: CSRF in Web Compliance Manager. Impact: allows unauthorized user modifications ...
PT-2021-11722 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows attackers to inject malicious code into the browser via a specially crafted link to the "PolicyAuthority/Common/FolderControl.jsp" file using the unqID parameter. This...
PT-2021-11831 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows remote attackers to inject malicious code into the browser via a specially crafted link to the "/WebCM/Applications/Search/index.jsp" file via the added parameter. This...
PT-2021-11721 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows attackers to inject malicious code into the browser via a specially crafted link to the "initFile.jsp" file using the msg parameter. This affects products that are no long...
PT-2021-11839 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows remote attackers to inject malicious code into the browser via a specially crafted link to the "BrowseDirs.do" file using the title parameter. This affects products that a...
PT-2021-11836 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows remote attackers to inject malicious code into the browser via a specially crafted link to the "Error.jsp" file. This can be achieved directly via the err parameter or...
PT-2021-11723 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows attackers to perform Server Side Request Forgery SSRF in the Web Compliance Manager component, enabling them to scan internal ports and make outbound connections via the...
Quest Policy Authority For Unified Communications Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data text and instant messaging, videoconferencing, email and voicemail between various media. A cross-site scripting vulnerabili...
Quest Policy Authority Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data text and instant messaging, videoconferencing, email and voicemail between various media. A cross-site scripting vulnerabili...
Quest Policy Authority For Unified Communications 跨站脚本漏洞
Quest Policy Authority For Unified Communications is a software from Quest, Inc. that is used in corporate environments to consolidate communication data between various media text and instant messaging, video conferencing, email and voicemail. A cross-site scripting vulnerability in Quest Policy...
Quest Policy Authority Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data between various media text and instant messaging, video conferencing, email and voicemail. A cross-site scripting...
Quest Policy Authority Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data text and instant messaging, videoconferencing, email and voicemail between various media. A cross-site scripting vulnerabili...
Quest Software Policy Authority For Unified Communications Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data text and instant messaging, videoconferencing, email and voicemail between various media. A cross-site scripting vulnerabili...